India CERT-In Advisories

15 Elemental Cyber Defense Controls for Indian MSMEs

CERT-In has published 15 Elemental Cyber Defense Controls with 45 mapped security baseline recommendations for Micro, Small and Medium Enterprises (MSMEs) in India. The controls cover network and email security, endpoint and mobile security, asset management, secure configurations, incident management, data protection, access control, backup and recovery, logging and monitoring, and workforce security. The guidance recommends that MSMEs conduct annual baseline audits through CERT-In empaneled auditing organizations and integrate these controls into their cybersecurity policies.

Cyber Security Guidelines for Smart City Infrastructure

CERT-In has published comprehensive cybersecurity guidelines for Smart City Infrastructure developed in collaboration with Kaspersky. The document provides a foundational digitally resilient framework for protecting Smart City digital infrastructure against cyber threats, outlining cybersecurity architecture, network security, IoT device protections, data privacy measures, and operational security controls for command and control centres. Guidelines address 20 topic areas including AI/ML security, API security, supply chain security, incident response, and vulnerability management for State/UT CSIRTs and Smart City operators.

Technical Guidelines on SBOM QBOM CBOM AIBOM HBOM Version 2.0

CERT-In issued Version 2.0 of its Technical Guidelines on Software Bill of Materials (SBOM), Quantum BOM (QBOM), Cryptographic BOM (CBOM), Artificial Intelligence BOM (AIBOM), and Hardware BOM (HBOM) on July 9, 2025, expanding coverage from the previous version to include QBOM, CBOM, AIBOM, and HBOM frameworks. The guidelines provide minimum elements, implementation roadmaps, classification criteria, and best practices for organizations to develop and adopt BOM ecosystems aligned with software development lifecycle stages. Organizations in India are advised to establish roles, implement vulnerability tracking, and adopt secure SBOM distribution practices according to these guidelines.